using System;
using System.Web.Mvc;
using AspNetMvcViewBestPractices.Models;

namespace AspNetMvcViewBestPractices.Controllers
{    
    public class AccountController : Controller
    {
        public ActionResult LogOn()
        {
            return View(new LogOnForm());
        }

        [AcceptVerbs(HttpVerbs.Post)]
        public ActionResult LogOn(LogOnForm logOnForm)
        {
            if (!ValidateLogOn(logOnForm.UserName, logOnForm.Password))
            {
                return View(logOnForm);
            }

            return RedirectToAction("Index", "Product");
        }

        private bool ValidateLogOn(string userName, string password)
        {
            if (String.IsNullOrEmpty(userName))
            {
                ModelState.AddModelError("username", "You must specify a username.");
            }
            if (String.IsNullOrEmpty(password))
            {
                ModelState.AddModelError("password", "You must specify a password.");
            }
            if (!(userName == "admin" && password == "password"))
            {
                ModelState.AddModelError("_FORM", "The username or password provided is incorrect.");
            }

            return ModelState.IsValid;
        }
    }
}